Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
File: e75e46c0-2d4d-42fd-a050-85f835672397.roa (raw, json)
Hash identifier: 72mERruG+mugXQqf+QXI/ktt5s3GA3lUVF/XIHsVeiw=
Subject key identifier: 78:51:44:6D:48:F5:F3:B8:A1:A8:89:9A:41:0E:B9:41:48:39:C8:0C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 60DAAB272BD97D7BF8D739D00995B3CC6334D81D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
Signing time: Sat 09 Aug 2025 00:30:06 +0000
ROA not before: Sat 09 Aug 2025 00:30:06 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:9000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:da:ab:27:2b:d9:7d:7b:f8:d7:39:d0:09:95:b3:cc:63:34:d8:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:30:06 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=ef01d73f48bd11b498bf3fdfb8b89b406722084d00ccb8b333821f28557e1eeb, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f0:c1:ad:82:d7:70:77:f1:10:32:76:b9:af:
5c:99:b1:0c:fa:4b:4c:08:09:a5:70:cb:58:bf:49:
4b:3c:82:e0:cf:8c:5c:61:d7:9c:c0:11:17:81:22:
36:95:3d:d0:00:ce:18:f3:2e:ef:65:39:6c:b3:e2:
9c:1a:c6:a3:8b:79:d6:3b:c0:5e:60:9b:9b:a8:09:
dd:8a:85:11:a5:28:9a:2a:b1:fc:27:c6:1c:e3:3e:
f5:c1:28:75:48:6e:66:cf:dd:db:18:1a:3b:4f:55:
0a:48:22:6d:bb:8f:e0:fa:a5:7c:fd:4b:a8:12:3b:
c6:77:9c:72:99:d9:68:35:ce:99:b5:dc:71:02:64:
0a:e3:f3:53:c0:a1:11:42:ca:95:d3:e3:ea:ec:f0:
86:46:81:76:fd:39:19:d1:df:36:70:b3:6d:5e:48:
32:d3:9c:ed:a5:c8:e2:c3:2a:5a:7c:46:47:c2:d5:
93:a1:95:af:54:6f:99:87:0c:ef:05:cf:05:f5:5f:
2e:ce:1f:3e:0c:6e:08:6c:b9:7a:5e:f0:f4:49:d2:
04:6d:87:4f:e7:2d:68:9a:8f:f3:42:e4:bb:ba:ae:
f6:f2:2a:0a:a7:f5:03:2a:ed:33:b8:8c:05:e8:94:
d7:18:c0:d7:35:e6:4b:b7:64:c2:c2:da:5c:af:12:
c9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:51:44:6D:48:F5:F3:B8:A1:A8:89:9A:41:0E:B9:41:48:39:C8:0C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:9000::/36
Signature Algorithm: sha256WithRSAEncryption
51:f9:79:95:e5:65:3e:23:fe:fa:98:41:65:2a:0c:33:26:96:
17:6a:96:45:ab:4c:4d:83:6d:0e:0f:2a:29:84:a4:b5:f5:a8:
db:56:b7:02:d1:92:88:9b:49:93:08:f0:36:c7:97:d4:f9:1e:
77:98:f4:09:61:e9:7d:cb:e1:00:68:de:a2:a2:36:d2:54:74:
79:0d:f8:b8:66:db:93:93:c5:3d:1e:8f:c1:23:52:80:2f:56:
5e:94:11:47:09:eb:28:95:95:0d:07:3f:5c:26:b2:b8:c6:c8:
90:41:c0:aa:e1:aa:87:6d:2d:03:22:9d:e0:bf:f4:f9:ec:bf:
39:e1:d2:ae:0b:ab:7d:36:49:8e:84:a0:e0:da:55:20:f2:bb:
f5:23:6e:ff:26:a1:36:d7:27:fc:d3:a1:49:2b:69:5f:f5:7a:
07:8e:92:c4:1f:89:6a:0e:e8:4b:46:d2:d1:cc:5b:4c:09:91:
06:cf:94:11:b5:43:6c:31:86:50:34:6f:7e:45:8d:f3:f7:24:
d8:06:7b:81:7a:08:4c:05:54:7f:04:4d:d0:aa:87:ff:64:3a:
67:2a:b1:93:b0:28:90:2a:dd:68:67:f3:e5:25:1f:49:af:86:
5b:64:52:bc:3a:82:01:5b:73:15:9f:24:0a:80:db:55:56:53:
66:c5:39:f8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYNqrJyvZfXv41znQCZWzzGM02B0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDMwMDZaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmMDFkNzNmNDhiZDExYjQ5OGJmM2ZkZmI4Yjg5YjQwNjcyMjA4NGQwMGNj
YjhiMzMzODIxZjI4NTU3ZTFlZWIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrwwa2C13B38RAydrmvXJmxDPpLTAgJpXDLWL9JSzyC4M+MXGHXnMARF4Ei
NpU90ADOGPMu72U5bLPinBrGo4t51jvAXmCbm6gJ3YqFEaUomiqx/CfGHOM+9cEo
dUhuZs/d2xgaO09VCkgibbuP4PqlfP1LqBI7xneccpnZaDXOmbXccQJkCuPzU8Ch
EULKldPj6uzwhkaBdv05GdHfNnCzbV5IMtOc7aXI4sMqWnxGR8LVk6GVr1RvmYcM
7wXPBfVfLs4fPgxuCGy5el7w9EnSBG2HT+ctaJqP80Lku7qu9vIqCqf1AyrtM7iM
BeiU1xjA1zXmS7dkwsLaXK8SydsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR4UURt
SPXzuKGoiZpBDrlBSDnIDDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZTc1ZTQ2YzAtMmQ0ZC00MmZkLWEwNTAtODVmODM1NjcyMzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBR+XmV5WU+I/76mEFlKgwzJpYXapZFq0xNg20O
DyophKS19ajbVrcC0ZKIm0mTCPA2x5fU+R53mPQJYel9y+EAaN6iojbSVHR5Dfi4
ZtuTk8U9Ho/BI1KAL1ZelBFHCesolZUNBz9cJrK4xsiQQcCq4aqHbS0DIp3gv/T5
7L854dKuC6t9NkmOhKDg2lUg8rv1I27/JqE21yf806FJK2lf9XoHjpLEH4lqDuhL
RtLRzFtMCZEGz5QRtUNsMYZQNG9+RY3z9yTYBnuBeghMBVR/BE3Qqof/ZDpnKrGT
sCiQKt1oZ/PlJR9Jr4ZbZFK8OoIBW3MVnyQKgNtVVlNmxTn4
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:45:42 2025 by rpki-client